UAI-1 is the current public message standard for structured AI-to-AI communication.
UAIX shield mark Public interoperability charter UAIX.org Universal Artificial Intelligence Exchange Public standards publication
Current UAI-1
  • Current version UAI-1
  • Plain-English definition Open message format for auditable AI-to-AI exchange
  • Current attribution Michael Joseph Kappel, MCP
  • Start here Get Started, Project Handoff, UAI-1, validator, roadmap, and changelog

Guides

Agent Capability Ladder

L0-L5 progressive web-access view for URL-only chatbots, URL synthesizers, schema-capable tool users, workflow agents, and governed multi-agent systems.

  • Record UAIX-DOC-2723
  • Path /en-us/guides/agent-capability-ladder/
  • Use Canonical public record

Document status

Public standards page Published on UAIX as part of the current public standards record
Code
UAIX-DOC-2723
Surface
Guides
Access
Public and linkable

How to use this page

Use this guide to map URL-only chatbots, URL synthesizers, schema-capable tool users, workflow agents, and governed multi-agent systems to the lowest safe access level.

The agent access ladder defines how the same public site can serve chatbots, URL builders, schema-aware tools, and advanced agents without widening permissions.

Level Name Minimum access Recommended UAIX path
L0 URL-only chatbot GET a public URL, no body, no custom headers. Minimal Access Tier.
L1 Single-step URL synthesizer Build a simple public URL and parse compact JSON. Minimal Access plus bounded GET-Action only when bounded and idempotent.
L2 Schema-capable tool user Read schemas, compare examples, and prefer POST JSON. Schemas, Registry, Validator.
L3 Scoped autonomous workflow agent Use tools and auth only with consent, idempotency, and evidence. Advanced Agent Support.
L4 Multi-step workflow coordinator Track correlation, timeout, fallback, blockers, and final reports. Agent communication and Project Handoff records.
L5 Governed multi-agent or audited system Attach verifier evidence, audit digests, redaction, and human review. Advanced support plus public-safe audit evidence.

Compatibility note

The broader UAIX standards ladder also names L6 for audited agent systems. This agent-access page uses L0-L5 as a progressive web-access view and keeps high-assurance audit claims behind the advanced-agent evidence boundary.

Downgrade rule

Unknown clients downgrade to L0/L1. They get public URLs, compact JSON, and explicit no-op behavior before any write, auth, tool, memory, coordination, or audit claim.

Boundary

Agent runtimes execute. UAIX records the reviewed communication, memory, trust, evidence, and handoff boundary.

  • Minimal Access is read-only, public-safe, GET-only, URL-only, and must not mutate state.
  • GET-Action is a separate bounded fallback for bounded actions and must not be treated as a replacement for POST JSON APIs.
  • UAIX does not certify runtime safety, truth, consciousness, authorization, medical suitability, or production readiness.

Machine-readable companions

Agent Communication Operating Model

Agent runtimes execute. UAIX records the reviewed communication, memory, trust, evidence, and handoff boundary.

Use Agent Communication Operating Model when a human operator, coding agent, AI agent, or runtime implementer needs portable identity, intent, context, acknowledgement, status, blocker, memory proposal, validation evidence, correction, final report, or handoff records. The matching machine-readable assets are published through Schemas, Registry, Examples, and the Validator.

  • UAIX does not provide automatic sync, hosted messaging, runtime orchestration, official adapters, repository write execution, certification authority, or hosted import mechanisms.
  • Carcinus.org is a separate runtime/orchestrator example that may consume UAIX records. UAIX.org does not implement Carcinus runtime behavior and does not execute Carcinus workflows.
  • LocalEndPoint and other runtimes may consume the published UAIX records as external consumers; UAIX.org does not implement their project-specific runtime features.
  • Durable memory proposals stay separate from task execution records. Do not promote temporary endpoint statuses, session tokens, write tokens, beta platform instructions, local error traces, private keys, or API credentials.